"According to a filing made by TransUnion's in-house counsel to the Office of the Maine Attorney General, a recent attack on a third-party application compromised the personal data of 4,461,511 people. In the template letter due to be sent this week, TransUnion did not specify the types of data accessed, but said that personal information was exposed to attackers who targeted the third-party app used by consumer support staff."
"The Register asked TransUnion which third-party application led to the breach, whether it was connected to the recent breaches at Salesforce customers, what types of data were compromised, and whether the data was stolen. The company told us: "TransUnion recently experienced a cyber incident that affected a third-party application serving our US consumer support operations. Upon discovery, we quickly contained the issue,""
A cyberattack on a third-party application used by consumer support staff exposed personal information for 4,461,511 individuals. The attack occurred on July 28 and was discovered two days later. Exposed information typically includes names, home and email addresses, and phone numbers, and in some cases passport, driver's license, and national identity card details. TransUnion confirmed that credit reports and core credit data were not affected and said the exposure was limited to specific data elements. The company stated it quickly contained the issue, engages in proactive security measures, and is enhancing security controls to reduce the risk of similar incidents.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]